package com.shiro.shiro_demo.config;


import com.shiro.shiro_demo.enums.LoginType;
import com.shiro.shiro_demo.realm.MyModularRealmAuthenticator;
import com.shiro.shiro_demo.realm.UserPasswordRealm;
import com.shiro.shiro_demo.realm.WechatLoginRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@Configuration
public class ShiroConfig {

//    /**
//     * 创建过滤器工厂 过滤器 只需要配置 不需要自己创建
//     * @return
//     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean factoryBean =
                new ShiroFilterFactoryBean();
        Map map=new HashMap();
        map.put("/book/*","anon");

        factoryBean.setFilterChainDefinitionMap(map);

        factoryBean.setSecurityManager(securityManager);
        return factoryBean;
    }
//
//
//    /**
//     * 创建安全管理器
//     * @param a
//     * @return
//     */
//    @Bean
//    public DefaultWebSecurityManager defaultWebSecurityManager(AuthenRealm a){
//        DefaultWebSecurityManager securityManager =
//                new DefaultWebSecurityManager();
//        securityManager.setRealm(a);
//        return  securityManager;
//    }
//
//    /**
//     * 创建自定义的Realm 这是自己写的认证领域
//     * @return
//     */
//    @Bean
//    public AuthenRealm authenRealm(){
//        return new AuthenRealm();
//    }

    /**
     * 以上是之前写的
     */
    /**
     * 此处只贴出修改的代码，其他代码请详见上篇博文
     */

    /**
     * SecurityManager 是 Shiro 架构的核心，通过它来链接Realm和用户(文档中称之为Subject.)
     */
    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setAuthenticator(modularRealmAuthenticator());

        List<Realm> realms = new ArrayList<>();
        // 统一角色权限控制realm
//        realms.add(authorizingRealm());
        // 用户密码登录realm
        realms.add(userPasswordRealm());
//        // 用户手机号验证码登录realm
//        realms.add(userPhoneRealm());
        // 微信登录realm
        realms.add(wechatLoginRealm());

        securityManager.setRealms(realms);
//        // 自定义缓存实现 使用redis
//        securityManager.setCacheManager(cacheManager());
//        // 自定义session管理 使用redis
//        securityManager.setSessionManager(sessionManager());
        return securityManager;
    }



    /**
     * 自定义的Realm管理，主要针对多realm
     */
    @Bean("myModularRealmAuthenticator")
    public MyModularRealmAuthenticator modularRealmAuthenticator() {
        MyModularRealmAuthenticator customizedModularRealmAuthenticator = new MyModularRealmAuthenticator();
        // 设置realm判断条件
        customizedModularRealmAuthenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy());

        return customizedModularRealmAuthenticator;
    }

//    @Bean
//    public AuthorizingRealm authorizingRealm(){
//        AuthorizationRealm authorizationRealm = new AuthorizationRealm();
//        authorizationRealm.setName(LoginType.COMMON.getType());
//
//        return authorizationRealm;
//    }

    /**
     * 密码登录realm
     *
     * @return
     */
    @Bean
    public UserPasswordRealm userPasswordRealm() {
        UserPasswordRealm userPasswordRealm = new UserPasswordRealm();
        userPasswordRealm.setName(LoginType.USER_PASSWORD.getType());
        // 自定义的密码校验器
//        userPasswordRealm.setCredentialsMatcher(credentialsMatcher());
        return userPasswordRealm;
    }


    /**
     * 微信授权登录realm
     * @return
     */
    @Bean
    public WechatLoginRealm wechatLoginRealm(){
        WechatLoginRealm wechatLoginRealm = new WechatLoginRealm();
        wechatLoginRealm.setName(LoginType.WECHAT_LOGIN.getType());

        return wechatLoginRealm;
    }

//    @Bean
//    public CredentialsMatcher credentialsMatcher() {
//        return new CredentialsMatcher();
//    }

}
